Vulnerability Details : CVE-2007-3872
Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.
Vulnerability category: Execute code
At least one public exploit which can be used to exploit this vulnerability exists!
Exploit prediction scoring system (EPSS) score for CVE-2007-3872
Probability of exploitation activity in the next 30 days: 93.66%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2007-3872
-
HP OpenView Operations OVTrace Buffer Overflow
Disclosure Date : 2007-08-09exploit/windows/misc/hp_ovtraceThis module exploits a stack buffer overflow in HP OpenView Operations version A.07.50. By sending a specially crafted packet, a remote attacker may be able to execute arbitrary code. Authors: - MC <[email protected]>
CVSS scores for CVE-2007-3872
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
[email protected] |
References for CVE-2007-3872
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038
-
http://www.vupen.com/english/advisories/2007/2841
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574
Patch
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/35928
-
http://www.securityfocus.com/bid/25255
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023
-
http://www.securitytracker.com/id?1018548
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068
Products affected by CVE-2007-3872
- cpe:2.3:a:hp:openview_operations:*:*:windows:*:*:*:*:*
- cpe:2.3:a:hp:shared_trace_service:*:*:*:*:*:*:*:*